This report, based on Cyber Wardens research conducted in January 2024, reveals alarmingly common everyday habits exposing small businesses to cyber attacks. With almost 80% of owners observing risky practices within their teams, a proactive approach to cyber hygiene is crucial.
Key Findings:
- Poor password management: Nearly 20% keep passwords written down, and almost 25% share them with colleagues.
- Vulnerable endpoints: Over 27% put computers in sleep mode instead of shutting down, delaying crucial software updates.
- Unwise communication: One in ten out-of-office messages disclose personal details, potentially aiding phishing attempts.
- Employee awareness varies: Millennials, larger teams, and women owners were more likely to identify bad habits.
Recommendations:
- Implement Cyber Warden training to empower employees to spot and report risky behavior.
- Promote good habits like strong passwords, shutdowns for updates, and secure out-of-office messages.
- Utilize multi-factor authentication and password managers for enhanced security.
- Regularly back up data to facilitate swift recovery from attacks.
Actionable Insights:
Small businesses can minimize cyber risks by:
- Prioritizing cyber hygiene awareness among all team members.
- Adopting secure password practices and leveraging password managers.
- Implementing out-of-office message guidelines to avoid vulnerability.
- Investing in multi-factor authentication and data backup solutions.
By addressing these key areas, small businesses can significantly reduce their cyber risk and ensure a more secure operating environment.
5 Good Habits to Keep Your Small Business Safe from Cyber Attacks
| Habit | Description | Risks of not doing it | Benefits of doing it |
|---|---|---|---|
| Shut down computers | Instead of sleep mode, shut down computers daily. | Outdated software vulnerabilities become accessible to hackers. | Automatic software updates install, enhancing protection. |
| Use strong passphrases | Create unique, long, and original passphrases for every account. | Password reuse and short passwords lead to compromised accounts. | Prevents access to multiple accounts if one is cracked. |
| Report suspicious emails | Share potentially dangerous emails with IT or management instead of deleting them. | Missed scams leave others vulnerable and prevent investigation. | Enables blocking senders, warning staff, and reporting scams. |
| Provide unique logins | Assign individual logins to each team member. | Shared passwords expose multiple accounts if one is compromised. | Enhances protection from insider threats and compromises. |
| Install updates promptly | Don’t delay, prioritize and install software updates as soon as possible. | Security vulnerabilities remain exploitable if updates are ignored. | Delivers bug fixes and security patches for fast protection. |
